SecurityHome.eu SymbOS.Worm.Keaf.A

Home / malware PDF

SymbOS.Worm.Keaf.A

First posted on 21 November 2011.
Source: BitDefender
Aliases :
SymbOS.Worm.Keaf.A is also known as SMS-Worm:SymbOS/Feak.
Explanation :
The worm has 2 components:
systemappsfeakk.exe
system
ecogsfeakk.mdl.
The .mdl file is set to start the .exe file on system startup.
Once installed and started, it looks in contact list for a contact named HACKME. If it succeeds, it starts it's worm behavior: sends SMSs to all the contacts in the list. The format of SMS messages is:
hey check this link out http://www.cs.ucsb.edu/%7efeakk/feakk.zip bye!
The zip doesn't reside on that link anymore.
Last update 21 November 2011

TOP

Malware :

Backdoor:Win32/Heloag.A
Exploit:Win32/CVE-2011-3402
Trojan:Win32/Obfac
Exploit:Win32/Pdfjsc.YP
TrojanDownloader:Win32/Bofang.B

Last 20